It could be utterly frustrating to see uninvited advertisements covering most of our browser window. Moreover, advertisements are not one of those safest things in our digital world as they can conceive pathways for hackers to easily attack the targeted systems.
As Microsoft describes, ad injection software has evolved, and is now using a variety of ‘man-in-the-middle’ (MiTM) techniques. Some of these techniques include injection by proxy, changing DNS settings, network layer manipulation and other methods.
All of these techniques intercept communications between the Internet and the PC to inject advertisements and promotions into webpages from outside, without the control of the browser.
MiTM techniques add security risk to customers by introducing another vector of attack to the system.Most modern browsers have controls in them to notify the user when their browsing experience is going to change and confirm that this is what the user intends.
However, many of these methods do not produce these warnings and reduce the choice and control of the user. Also, many of these methods also alter advanced settings and controls that the majority of users will not be able to discover, change, or control.
In order to crack down on such software, Microsoft has announced that, from 31 March 2016, programs that create advertisements in browsers must only use the browsers’ supported extensibility model for installation, execution, disabling, and removal. In other words, they must be installed as plugins to the browsers, and easily removable in the same way.
This technique to steal sensitive information already garnered too much attention earlier when Lenovo’s Superfish adware surfaced. Post too kvh criticism, Lenovo rolled out a tool to remove Superfish from machines, which came with the pre installed program. With these changes, Microsoft is preventing any potential compromise with sensitive data and would disable hackers to get into systems through this pathway.